Wavyzz/dolibarr
2
0
Fork 1
mirror of https://github.com/Dolibarr/dolibarr.git synced 2026-02-08 00:52:01 +01:00
Code Issues Packages Projects Releases Wiki Activity

FIX Security access problem with external users on projects/tasks

Browse Source
This commit is contained in:
Laurent Destailleur
2017-01-12 15:23:30 +01:00
parent 8d5c853267
commit f185a09693
18 changed files with 26 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
htdocs/projet/note.php
View File

@@ -41,7 +41,7 @@ include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Must be inclu
// Security check
$socid=0;
if ($user->societe_id > 0) $socid=$user->societe_id;
//if ($user->societe_id > 0) $socid = $user->societe_id; // For external user, no check is done on company because readability is managed by public status of project and assignement.
$result = restrictedArea($user, 'projet', $id,'projet&project');
$permissionnote=$user->rights->projet->creer; // Used by the include of actions_setnotes.inc.php